Skip to main content

Computing Improvement Program CVE-2021-0052

HIGH
Improper Privilege Management (CWE-269)
2021-06-09 secure@intel.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 09, 2021 - 20:15 nvd
HIGH 7.8

DescriptionNVD

Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access.

AnalysisAI

Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Improper Privilege Management (CWE-269), which allows attackers to escalate privileges to gain unauthorized elevated access. Incorrect default privileges in the Intel(R) Computing Improvement Program before version 2.4.6522 may allow an authenticated user to potentially enable an escalation of privilege via local access. Affected products include: Intel Computing Improvement Program. Version information: version 2.4.6522.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply principle of least privilege, validate privilege transitions, implement proper role separation.

CVE-2021-0074 HIGH
7.8 Jun 09

Improper permissions in the installer for the Intel(R) Computing Improvement Program software before version 2.4.5982 ma

CVE-2020-8736 HIGH
7.8 Aug 13

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an

CVE-2019-11162 HIGH
7.8 Aug 19

Insufficient access control in hardware abstraction in SEMA driver for Intel(R) Computing Improvement Program before ver

CVE-2018-12168 HIGH
7.8 Sep 12

Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an

CVE-2024-36482 HIGH
7.1 Nov 13

Improper input validation in some Intel(R) CIP software before version 2.4.10852 may allow a privileged user to potentia

CVE-2020-12308 MEDIUM
6.5 Nov 12

Improper access control for the Intel(R) Computing Improvement Program before version 2.4.5982 may allow an unprivileged

CVE-2024-36276 MEDIUM
5.4 Nov 13

Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user t

CVE-2025-24863 MEDIUM
6.0 Nov 11

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Appl

CVE-2025-24862 LOW
2.0 Nov 11

Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within

CVE-2025-24847 MEDIUM
5.7 Nov 11

Improper input validation for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applicat

CVE-2025-24838 HIGH
7.7 Nov 11

Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Appl

CVE-2025-24834 MEDIUM
6.0 Nov 11

Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Appli

Share

CVE-2021-0052 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy